Preview Image

SSRF with blacklist-based input filter

Laboratorio de Portswigger sobre SSRF

Nov 29, 2024 Portswigger Labs, SSRF

Preview Image

Blind SSRF with out-of-band detection

Laboratorio de Portswigger sobre SSRF

Nov 29, 2024 Portswigger Labs, SSRF

Preview Image

Basic SSRF against another back-end system

Laboratorio de Portswigger sobre SSRF

Nov 29, 2024 Portswigger Labs, SSRF

Preview Image

Basic SSRF against the local server

Laboratorio de Portswigger sobre SSRF

Nov 29, 2024 Portswigger Labs, SSRF

Preview Image

Exploiting XXE via image file upload

Laboratorio de Portswigger sobre XXE

Nov 27, 2024 Portswigger Labs, XXE

Preview Image

Exploiting XInclude to retrieve files

Laboratorio de Portswigger sobre XXE

Nov 27, 2024 Portswigger Labs, XXE

Preview Image

Exploiting blind XXE to retrieve data via error messages

Laboratorio de Portswigger sobre XXE

Nov 27, 2024 Portswigger Labs, XXE

Preview Image

Exploiting blind XXE to exfiltrate data using a malicious external DTD

Laboratorio de Portswigger sobre XXE

Nov 27, 2024 Portswigger Labs, XXE

Preview Image

Blind XXE with out-of-band interaction via XML parameter entities

Laboratorio de Portswigger sobre XXE

Nov 27, 2024 Portswigger Labs, XXE

Preview Image

Blind XXE with out-of-band interaction

Laboratorio de Portswigger sobre XXE

Nov 27, 2024 Portswigger Labs, XXE